java.lang.IllegalArgumentException:JRE 1.5 上的 TLSv1.2
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/30889656/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
java.lang.IllegalArgumentException: TLSv1.2 on JRE 1.5
提问by Jai Kishore
I am trying to consume TLSv1.2 enabled protocol web services on JRE 1.5 and facing below issue. Looks like TLSv1.2 does not supported by JRE1.5 but at the same time we cannot upgrade our target environment to a latest version of JRE. IS there any way to make this work in jdk1.5 itself?
我正在尝试在 JRE 1.5 上使用启用了 TLSv1.2 的协议 Web 服务并面临以下问题。看起来 JRE1.5 不支持 TLSv1.2,但同时我们无法将目标环境升级到最新版本的 JRE。有什么办法可以在 jdk1.5 本身中完成这项工作吗?
Exception in thread "main" java.lang.IllegalArgumentException: TLSv1.2
at com.sun.net.ssl.internal.ssl.ProtocolVersion.valueOf(ProtocolVersion.java:120)
at com.sun.net.ssl.internal.ssl.ProtocolList.<init>(ProtocolList.java:36)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.setEnabledProtocols(SSLSocketImpl.java:2017)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:396)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:170)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:857)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:230)
at TLSHandshake.main(TLSHandshake.java:43)
Thanks in advance
提前致谢
回答by Andrius Bentkus
You can use the bouncy castle tls provider library, it has support for jdk 1.5
您可以使用充气城堡 tls 提供程序库,它支持 jdk 1.5
The download site for their libraries is here https://www.bouncycastle.org/latest_releases.htmlyou can also use maven.
他们的库的下载站点在这里https://www.bouncycastle.org/latest_releases.html你也可以使用 maven。
There is also an example on how to use their provider: https://github.com/bcgit/bc-java/blob/master/tls/src/test/java/org/bouncycastle/jsse/provider/test/BCJSSEClientTest.java#L31-L35
还有一个关于如何使用其提供程序的示例:https: //github.com/bcgit/bc-java/blob/master/tls/src/test/java/org/bouncycastle/jsse/provider/test/BCJSSEClientTest。 java#L31-L35
回答by Robert
Most developer questions that end with "is it possible?" can be answered yes. The only problem may be the necessary effort and the costs...
大多数以“这可能吗?”结尾的开发人员问题 可以回答是。唯一的问题可能是必要的努力和成本......
Java is at large parts a modular architecture which means that you can implement own modules that replace and extend functionality from Java.
Java 在很大程度上是一种模块化架构,这意味着您可以实现自己的模块来替换和扩展 Java 的功能。
If you want you can implement your own networking implementation that uses a JNI part for establishing TLS 1.2 connections. The JNI part would use one of the common SSL/TLS native libraries such as OpenSSL/LibreSSL/gnutls,...).
如果您愿意,您可以实现自己的网络实现,该实现使用 JNI 部分来建立 TLS 1.2 连接。JNI 部分将使用常见的 SSL/TLS 本地库之一,例如 OpenSSL/LibreSSL/gnutls,...)。
From my understanding this would require an very experienced Java and C/C++ developer (team) for some weeks/months.
根据我的理解,这需要一个非常有经验的 Java 和 C/C++ 开发人员(团队)几个星期/几个月。
From a long term perspective using that developer (team) for migrating to Java 1.7/1.8 would make more sense.
从长远来看,使用该开发人员(团队)迁移到 Java 1.7/1.8 会更有意义。
